TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
vulnerability in the WebLaunch.WeblaunchCtl.1 ActiveX control includes the insecure "DoWebLaunch()" method,
which can be exploited to execute arbitrary commands on the vulnerable system. By persuading a victim to visit a
malicious Web page that passes an overly long string to the DoWebLaunch() method, remote attackers can
execute arbitrary programs via a ..\ (dot dot backslash) in the second argument to the DoWebLaunch method. The
vulnerable versions are weblaunch.ocx 1.0.0.1 and weblaunch2.ocx, which provide the ActiveX control; other versions
may also be affected. Failed exploit attempts will likely result in denial-of-service conditions. No remedy was available as
of Nov 2008; users can set the kill bit for the CLSID 97BB6657-DC7F-4489-9067-51FAB9D8857E, corresponding to the ProgID
WebLaunch.WeblaunchCtl.1, to resolve this issue.
Signature ID: 35574
ImageShack Toolbar ImageShackToolbar.dll ActiveX Control Insecure Method Vulnerability
Threat Level: Warning
Industry ID: CVE-2008-4549 Bugtraq: 27439
Signature Description: ImageShack Toolbar is an ActiveX control integrated into a web browser; it is used to upload
images. The vulnerability is caused by the ImageShackToolbar.FileUploader.1 ActiveX control
(ImageShackToolbar.dll) including the insecure "BuildSlideShow()" method, identified by CLSID
BDF9442E-9B03-42C2-87BA-2A459B0A5317. This vulnerability can be exploited to upload a specific image on a user's system to the
ImageShack site or to disclose the contents of non-image files, e.g. by using a network sniffer on a local network. The
vulnerable platform is ImageShack Toolbar 4.5.7. By persuading a victim to visit a malicious Web page,
a remote attacker could execute arbitrary code in the context of the application using the ActiveX control (typically
Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions. No remedy was available as of
August 12, 2008; users can set the kill bit for the CLSID BDF9442E-9B03-42C2-87BA-2A459B0A5317 to resolve this issue.
Signature ID: 35575
ImageShack Toolbar ImageShackToolbar.dll ActiveX Control Insecure Method Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-4549 Bugtraq: 27439
Signature Description: ImageShack Toolbar is an ActiveX control integrated into a web browser; it is used to upload
images. The vulnerability is caused by the ImageShackToolbar.FileUploader.1 ActiveX control
(ImageShackToolbar.dll) including the insecure "BuildSlideShow()" method, identified by CLSID
BDF9442E-9B03-42C2-87BA-2A459B0A5317. This vulnerability can be exploited to upload a specific image on a user's system to the
ImageShack site or to disclose the contents of non-image files, e.g. by using a network sniffer on a local network. The
vulnerable platform is ImageShack Toolbar 4.5.7. By persuading a victim to visit a malicious Web page
that contains hex-encoded data, a remote attacker could execute arbitrary code in the context of the application using
the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service
conditions. No remedy was available as of August 12, 2008; users can set the kill bit for the CLSID
BDF9442E-9B03-42C2-87BA-2A459B0A5317 to resolve this issue.
Signature ID: 35576
ImageShack Toolbar ImageShackToolbar.dll ActiveX Control Insecure Method Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-4549 Bugtraq: 27439
Signature Description: ImageShack Toolbar is an ActiveX control integrated into a web browser; it is used to upload
images. The vulnerability is caused by the ImageShackToolbar.FileUploader.1 ActiveX control
(ImageShackToolbar.dll) including the insecure "BuildSlideShow()" method, identified by CLSID
BDF9442E-9B03-42C2-87BA-2A459B0A5317. This vulnerability can be exploited to upload a specific image on a user's system to the
ImageShack site or to disclose the contents of non-image files, e.g. by using a network sniffer on a local network. The
vulnerable platform is ImageShack Toolbar 4.5.7. By persuading a victim to visit a malicious Web page
that contains %u-encoded data, a remote attacker could execute arbitrary code in the context of the application using
the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service